asked on

TrueCrype - Finding ballance between usability and security

I have a file server in a location which is a little out of the way. I understand that encrypting the system drive with TrueCRYPT means that authentication happens pre-boot. This would mean that physical access to the server is required after each restart (currently all [software] admin work is done through remote desktop).

My questions are:

a), does encrypting the sys drive increase data security if confidential information is already encrypted on an external drive, and the OS is basically a clean install shell....

b), if sys drive encryption is to be used, is it possible to have automatic encryption authentication? Does this sound a little pointless?!? The user account would still have a password though...

Feedback welcome!

Thanks guys

SOLUTION

Garry Glendown

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

Rob Knight

Hi,

Do you have a KVM over IP solution on the server such as ILO or DRAC - would having access to this not enable you to authenticate via that console?

Regards.

RobMobility.

ASKER CERTIFIED SOLUTION

McKnife

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

McKnife

One more thing about the scheduled task that does the mounting: it must be run at system startup (and as I proposed using the account: system which does not need a password to be entered=leave it blank if asked for one).

McKnife

> Feedback welcome!
Same on my side :)

Tolomir

This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.